Low Orbit Ion Cannon

The world of Information Security is growing leading to the development of codes which brings vulnerability within them causing a loophole in the security.

But the most common issue till date to most of the web servers and service providers online is DDoS, one of the oldest and developing methods of the hacking world.

Denial Of Service

DOS or Denial-Of-Service attack is one of the most popular hack methodologies which most of the hackers around the world use to hack into any network or bring any service down.

In this way, the server will not be able to accept valid user request causing a denial of service to the user.

They are as DOS or DDOS attack.

DOS refers to the attack type when an attacker attacks a target vulnerable to DOS with only a single IP and the target tries to reply for each of the packet requests it gets and when the request flow is more than it’s Bandwidth or more than its accepting capacity then it fails to accept new connections and rejects the new connections causing denial of service.

This can be prevented by modern firewalls by applying a patch script in them which would specify the number of connections that must be provided to a single IP or IP range.

Distributed DOS Attack

DDOS is a type of multiple DOS attack which is performed by an attacker using BOTNETS which he/she had made in course of time by sending malicious link or attachment and compromising internet users or webcams or smart devices.

Since the attacker has the access to the botnets which can be instructed to perform a DOS attack cause multiple devices to DOS a single target which is patched only for DOS rather than DDOS.

In this case, the target receives request’s from multiple IP’s over the internet causing the DOS patch to breakout.

This effectively makes it impossible to stop the attack simply by blocking a single IP more than that it’s very difficult to distinguish legitimate users data packets from an attacking packet.

This can also be done by a script which performs the task of generating packets with different source IP’s but single Destination IP.

LOIC (Low Orbit Ion Cannon)

Low Orbit Ion Cannon is an open source network stress testing and Denial of Service attack tool, written in C#. LOIC was developed by Praetox Technologies but later was released into public domain hosting on several open platforms.

The tool is able to perform a simple dos attack by sending a large sequence of UDP, TCP or HTTP requests to the target server.

It’s a very easy tool to use, even by those lacking any basic knowledge of hacking.

The only thing a user needs to know for using the tool is the URL of the target.

Type of attacks

The tool opens multiple connections to the target server and sends a continuous sequence of messages which can be defined from the TCP/UDP message parameter option available on the tool.

In the TCP and UDP attacks, the string is sent as a plain text but in the HTTP attack, it is included in the contents of an HTTP GET message.

UDP Attack

To perform the UDP attack, select the method of attack as UDP.

It has port 80 as the default option selected, but you can change this according to your need.

It is a connectionless protocol.

TCP Attack:

This method is similar to UDP attack.

Select the type of attack as TCP to use this. It is a connection based protocol.

HTTP Attack:

In this attack, the tool sends HTTP requests to the target server.

A web application firewall can detect this type of attack easily.

How to Perform DDoS using LOIC

Downloading :-

You can Download LOIC from any site by making a google search and install on any OS, it would be advantageous if you using any Linus Distributions (Kali Linux) and build from downloading it from GitHub. Copy-paste the following command in Linux terminal to download LOIC

Run the tool and Provide the IP or URL of the Victim in the Target Section 1, it will be shown in the selected target box.

Select your attack method in section

You can observe your attack status in the box provided under the selected target region.

You can also set the speed of the attack by the slider. It is set to faster as default but you can slow down it with the slider.

Here’s the meaning of each field:

IDLE: It shows the number of threads idle. It must be zero for higher efficiency of the attack.

Connecting: This shows the number of connection that is been tried to connect to the victim server.

Requesting: This shows the number of connections that are requesting some information from the victim server.

Downloading: This shows the number of connection that is initiating some download for some information from the server.

Downloaded: This number shows how many times data is been downloading, which has been initiated from victim server on which you are attacking.

Requested: This number shows how many times a data download has been requested from victim server.

Failed: This number shows how many times the server did not respond to the request. A larger number of fails in this field indicates the server is going down. The success of the attack can be measured by the number shown in this field.

Drawbacks of using LOIC

This tool does not take any precautions to hide IP address of the origin of the attack. Attacks generated by this tool are simple and expose the IP address of attacker in each request packet sent to victim server to flood the request queue. If you are thinking that we can use proxies to solve this problem, you are wrong. Attackers cannot use proxies in these attacks because your requests will hit the proxy server, not the target server. So you will not be able to launch a DOS attack on the server effectively while using a proxy. But some analysts say that this can be used with a proxy server if the proxy is robust enough. According to them, all your request packets will be forwarded to the server system by proxy at the end.

# This is what they say

Martin

Hello :), I have been following your tutorials and think they are really good. I have basic pentesting skills and know basically how to use Kali, metasploit etc. but have no coding skills which is something I will be working on, but I would like to ask you if you would tutor me, against compensation of course in regards to getting things working, I mean if I’m stuck I could ask you for advice, this way I would learn faster and not waste days on a problem, and you would be able to supplement your income wile you study, I would need maybe 4-6 hours per week. If you find it int. let talk rates and get going :), best regards Martin.

26th January 2018 at 5:47 PM

Eitan

Hello dear, I am very impressed about your tutorials, you doing a great job revealing so many valuable hacking methods. I been playing around long time and yet i couldn’t find a stable RAT which pass runtime in 8 and 10. Please share it with me, i don’t mind pay some coins for coding, we all know quality things costs money. Waiting on your reply, thanks.

18th December 2017 at 2:12 AM

Jacob Mason

Hi, Hope you are doing great I know you are busy, so I will be quick. I came across your blog (hackeroyale.com) and found it quite interesting. I feel my writings could be a source of great interest to your readers. I’m really looking forward to getting my work published on your blog. Thanks for your time and keep the awesome work. Much Regards Jacob Mason